CVE-2005-2916
https://notcve.org/view.php?id=CVE-2005-2916
Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. • http://www.idefense.com/application/poi/display?id=306&type=vulnerabilities http://www.idefense.com/application/poi/display?id=307&type=vulnerabilities •
CVE-2005-2915
https://notcve.org/view.php?id=CVE-2005-2915
ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. • http://www.idefense.com/application/poi/display?id=304&type=vulnerabilities •
CVE-2005-2589
https://notcve.org/view.php?id=CVE-2005-2589
Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. • http://secunia.com/advisories/16457 http://securitytracker.com/id?1014721 http://www.securityfocus.com/archive/1/408161 http://www.securityfocus.com/bid/14566 •
CVE-2005-2434
https://notcve.org/view.php?id=CVE-2005-2434
Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. El rúter de Linksys WRT54G usa la misma clave privada en todos los rúter, lo que permite que atacantes remotos puedan escuchar conexiones SSL y obtener así información confidencial. • http://marc.info/?l=bugtraq&m=112258422806340&w=2 http://secunia.com/advisories/16271 http://securitytracker.com/id?1014596 http://www.securityfocus.com/bid/14407 https://exchange.xforce.ibmcloud.com/vulnerabilities/21635 •
CVE-2005-1059 – Linksys WET11 - Password Update Remote Authentication Bypass
https://notcve.org/view.php?id=CVE-2005-1059
Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. • https://www.exploit-db.com/exploits/25359 http://secunia.com/advisories/14871 http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2005-04/0148.html http://www.securityfocus.com/bid/13051 https://exchange.xforce.ibmcloud.com/vulnerabilities/20008 •